to a new 240-page security report from Microsoft dubbed the Security
Intelligence Report, America is among the most infected countries
in the world when it comes to botnets. The report uses
information collected in the first half of 2010 via the Microsoft
Malicious Software Removal Tool.Over 2.2 million PCs in
the U.S. are infected with a virus that makes them part of one of the
internet's massive botnets. The term "botnet" refers
to a group of connected computers that can be used for ill purposes
such as spamming, distributed denial of service (DDoS) attacks, and
mass credit card fraud.Brazil came in second place for most
infected computers, with 550,000 botnet-infected PCs. Per
computer population, though South Korea had the highest rate (though
its total number of infected machines is lower than that of the U.S.
or Brazil). In South Korea 14.6 out of 1,000 PCs are in a
botnet, versus 5.2 computers out of 1,000 in the U.S.Cliff
Evans, head of security and identity at Microsoft UK, comments to BBC
"Most people have this idea of a virus and how it used to
announce itself. Few people know about botnets."Fewer
people perhaps know about Microsoft's Malicious Software Removal Tool
(MRT). MRT has been is a free tool Microsoft includes with
Windows XP, Windows Vista, and Windows 7. First released in
2005, the tool is easy to run -- just go to "Start", type
"run" in the search bar, and then type "mrt"
(case insensitive) in the resulting popup. The tool will then
activate and be ready to scan your computer and remove many common
types of malware.Perhaps if everyone learns how to use the
MRT, America can escape earning the dubious distinction of being the
world's biggest botnet participant in 2011. Given the general
of security, that seems unlikely, though.Despite the
difficulty in getting the public to practice proper security,
Microsoft is taking steps to try to win the war against botnet
masters on its own. The company recently seized
control over 276 internet domains that were being used by
botnet owners. And it has beefed
up the securityof its most recent operating system, Windows 7,
making it harder to infect new PCs.
quote: Mac advocate or not, the bulletin you linked has nothing to do with the Windows Operating System. It's for Internet Explorer. Those are completely separate software entities and you can use one to infer that the other is insecure. It would be like myself (or another poster) linking a known defect with Safari web browser and claiming that Mac OS X is insecure. That is simply not the case, Safari has a problem, not Mac OS X.
quote: IE has not been truly built into windows explorer since IE6.
quote: But its not like it used to be, built directly into Windows Explorer.
quote: P.S Where did you see they withheld anything? MS releases security patches all the time(patch Tuesday for non critical, and a critical patch if required), why would this be a PR nightmare over other IE flaws that have been patched?
quote: The vulnerability used in the attacks (CVE-2010-0249) was privately reported to Microsoft last August by Meron Sellen, a white-hat hacker at BugSec, an Israeli security research company. Microsoft program manager Jerry Bryant said the company confirmed the severity of the flaw in September and planned to ship a fix in a cumulative IE update next month.